Security risks on the Internet. What shall business know about cyber threats?
On the BLOX TV our main cybersecurity experts Nazar Tymoshyk, CEH, Ph.D., and Viktoria Miliar, VP of Compliance, had a discussion on how companies can prepare to survive cyber threats. Read further a summary of the interview with best tips on how to eliminate risks.
– What are the risks of security exposure on the internet?
– The common risks are the loss of data, modification of data, and data unavailability. A blockchain is a great technology from the security perspective but there is always a risk besides infrastructure and implementation of this technology.
– Are most businesses ready for cyber threats?
– Based on UD experience most businesses want to grow as fast as they can, which means going to production without taking proper time for testing, especially security testing. And as long as humans continue to write our code they will continue to make mistakes. This may result in a huge vulnerability and cybersecurity scandal.
– An attackers, who are they? What attacks do they conduct?
– The most common scenario for attackers nowadays is to exploit humans. Humans are actually the most vulnerable link in a chain. If the system itself is well protected, the hacker scenario would be to send a malicious attachment via email, for example, PDF file. As soon as your employee opens this file, an attacker gets a remote connection to your system.
– Another common attack scenario nowadays is “delayed attack’. That means that attackers enter your system and stay there for a while. It can be days, weeks and even months before they start their malicious operations. An attacker also may do small damage at a time, to stay unnoticed, for example, modify code, data, numbers which of course after some time can result in enormous damage. This gets us to question whether a company would notice this worm living inside before it’s not too late?
– How can a company mitigate against that?
– There are two approaches to deal with security incidents: proactive and reactive.
– The reactive approach is reacting to huge security incidents. Huge security incidents are significant and noticeable loss of data, money, IP etc. After this happens, you have to do forensics to investigate what has happened. This way you are reacting to an event.
– What should you do to avoid this situation?
– be proactive. The most important here is to have security monitoring in place. Only this way you can notice such small anomalies and stop them before it turns into huge losses. In addition, you can use security tools, for example, NIST US-based security framework. It’s good for any type of business with or without the blockchain, for a small or big one.
– As more companies move to blockchain the question comes: what is the level of its safety?
– It’s definitely less risky in comparison with other technologies, because it is tamper-proof. A blockchain is a technology that disallows changes in blocks. Nevertheless, it has its logic that can be tricked. For example, it may not notice small changes or small transaction. We have mentioned before that usually the weakest chain is a human. Unfortunately, this is applicable to the blockchain as well. They can accidentally or unintentionally make some part of a codebase publicly available. This can be more than enough for attackers to exploit technology logic and get into the system.
– Hacking for miners, how is this working?
– It’s pretty simple, attackers compromise a website with much traffic by putting a simple script in it. As a result, every time visitors are watching website content their machines are being used for mining bitcoins and generating revenue for an attacker. The user may not even notice that their machine slows down because of generating cryptocurrency. Bottom line here – the more traffic on a website – the more interesting target it becomes for hackers.
– Who are the hackers?
– They can be outsiders or blackhats, who want to play around, test their skills and to show off how cool they are. It can be competitors also if the business has tricky competitors who want to take it down. The most threatening scenario is actually the insider hacker, who has all the access to your system, who knows everything about them.
To sum up, it’s always a good idea to test all your systems not only from outside, eliminating the cyber threats on the Internet, but also to check on if there is an intruder inside. Penetration testing is a service that is performed to evaluate the security of the system. It shows the flaws and exposes the current state of your system. Depending on your use case there are different ways how to scan your business and make sure that you are secure.
Interested to learn more about hackers and cyber threats? To check out our next talk “Security exposure on the Internet – is blockchain the answer? Part 2.